[wp-trac] [WordPress Trac] #29557: PHP Crash on Large Block of HTML

WordPress Trac noreply at wordpress.org
Tue Sep 9 20:20:52 UTC 2014 

#29557: PHP Crash on Large Block of HTML
-----------------------------------+--------------------
 Reporter:  MrBobDobolina          |       Owner:
     Type:  defect (bug)           |      Status:  new
 Priority:  normal                 |   Milestone:  4.0.1
Component:  Formatting             |     Version:  4.0
 Severity:  major                  |  Resolution:
 Keywords:  wptexturize has-patch  |     Focuses:
-----------------------------------+--------------------

Comment (by ArsenyKovalchuk):

 Replying to [comment:28 miqrogroove]:
 > Replying to [comment:27 ArsenyKovalchuk]:
 > > I get following regexp code which crashes
 > >
 > > {{{
 > >
 preg_match('/^\[\[?\/?(?:embed|wp_caption|caption|gallery|playlist|audio|video|layerslider|adrotate|acf|go_pricing|go_pricing_youtube|go_pricing_vimeo|go_pricing_screenr|go_pricing_dailymotion|go_pricing_metacafe|go_pricing_html5_video|go_pricing_soundcloud|go_pricing_mixcloud|go_pricing_beatport|go_pricing_audio|go_pricing_map|go_pricing_custom_iframe|free_adv_form|ahm\-pricing\-table|rev_slider|page_polls|poll|ratings|p2p_connected|p2p_related|contact\-form\-7|contact\-form|vc_container_anchor|dt_cell|dt_box|dt_gap|dt_divider|dt_stripe|dt_fancy_image|dt_list_item|dt_list|dt_button|dt_tooltip|dt_highlight|dt_code|dt_code_final|dt_tab|dt_tabs|dt_item|dt_accordion|dt_toggle|dt_quote|dt_call_to_action|dt_teaser|dt_banner|dt_benefits|dt_benefit|dt_progress_bars|dt_progress_bar|dt_contact_form|dt_social_icons|dt_social_icon|dt_map|dt_blog_posts_small|dt_blog_posts|dt_portfolio|dt_portfolio_jgrid|dt_portfolio_slider|dt_small_photos|dt_slideshow|dt_team|dt_testimonials|dt_logos|dt_text|dt
 _vc_list_item|dt_vc_list|dt_benefits_vc|dt_fancy_video_vc|dt_fancy_title|dt_fancy_separator|types|vc_row|vc_row_inner|vc_column|vc_column_text|vc_separator|vc_text_separator|vc_message|vc_facebook|vc_tweetmeme|vc_googleplus|vc_pinterest|vc_toggle|vc_single_image|vc_tabs|vc_tour|vc_tab|vc_accordion|vc_accordion_tab|vc_carousel|vc_posts_slider|vc_widget_sidebar|vc_button2|vc_cta_button2|vc_video|vc_gmaps|vc_raw_html|vc_raw_js|vc_flickr|vc_progress_bar|vc_pie|layerslider_vc|rev_slider_vc|vc_column_inner)(?![\w-])(?:[^\[\]<>]|<[^>]+>)*+\]\]?$/','[vc_row
 margin_top="35" margin_bottom="45" padding_left="40" padding_right="40"
 bg_position="top" bg_repeat="no-repeat" bg_cover="false"
 bg_attachment="false" padding_top="40" padding_bottom="40"
 parallax_speed="0.1"][vc_column width="3/4"][dt_benefits_vc columns="4"
 style="1" dividers="true" image_background="true" target_blank="false"
 header_size="h5" content_size="normal" number="4" orderby="date"
 order="desc" animation="scale" category="no-captions,no-buttons"
 image_background_color="#ffffff"]')
 > > }}}
 >
 > So that one command crashes your server if you put it in a php file?  I
 want to be specific, because the trackback count for that command is only
 on the order of 400.  This should be less than the pattern before the
 loop.

 Hi, as you may expect I got that command by logging following inside the
 loop

 {{{
 $str = '/^\[\[?\/?' . $tagregexp . '(?:[^\[\]<>]|<[^>]+>)*+\]\]?$/';
 error_log("preg_match('$str','$curl')");
 }}}

 And, yes, the code crashes the server if I put it in a separate file.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/29557#comment:30>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list